Add Dockerfile #1348
Add Dockerfile #1348
Conversation
|
This seems to be working just fine. Can be merged imho! |
|
@evanp do you want to do a review on this? You're more familiar with Docker than me |
docker/README.md
Outdated
| ``` | ||
|
|
||
| The Dockerfile also allows to define the UID and GUID of the `pumpio` user which runs pump.io via build arguments. | ||
| ``` |
docker/README.md
Outdated
|
|
||
| ## Running | ||
|
|
||
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for the mongodb. The recommended way to configure pump.io is to configure the options via environment variables, as described in the projects README. You can see some example variables in the `docker-compose.yml` file. This file wil also show a basic working version which you can expand on. |
docker/README.md
Outdated
|
|
||
| ## Running | ||
|
|
||
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for the mongodb. The recommended way to configure pump.io is to configure the options via environment variables, as described in the projects README. You can see some example variables in the `docker-compose.yml` file. This file wil also show a basic working version which you can expand on. |
docker/README.md
Outdated
|
|
||
| ## Running | ||
|
|
||
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for the mongodb. The recommended way to configure pump.io is to configure the options via environment variables, as described in the projects README. You can see some example variables in the `docker-compose.yml` file. This file wil also show a basic working version which you can expand on. |
docker/README.md
Outdated
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for the mongodb. The recommended way to configure pump.io is to configure the options via environment variables, as described in the projects README. You can see some example variables in the `docker-compose.yml` file. This file wil also show a basic working version which you can expand on. | ||
|
|
||
| Running via `docker-swarm`: | ||
| ``` |
docker/Dockerfile
Outdated
| && adduser -S -D -H -G "pumpio" -h "/usr/local/pumpio" -u "${PUMPIO__UID}" "pumpio" \ | ||
| && chown -R "pumpio:pumpio" /usr/local/pumpio \ | ||
| && mkdir -p /usr/local/bin \ | ||
| && ln -s ${PUMP_LOCATION}/bin/pump /usr/local/bin/pumpio \ |
There was a problem hiding this comment.
Probably this should link to pump instead of pumpio a) for consistency with the npm package and b) since you're calling pump down below
docker/Dockerfile
Outdated
| && npm install databank-mongodb \ | ||
| && addgroup -S -g "${PUMPIO__GUID}" "pumpio" \ | ||
| && adduser -S -D -H -G "pumpio" -h "/usr/local/pumpio" -u "${PUMPIO__UID}" "pumpio" \ | ||
| && chown -R "pumpio:pumpio" /usr/local/pumpio \ |
There was a problem hiding this comment.
Why is this in /usr/local? /var/local would probably be better
There was a problem hiding this comment.
This is just so if you would ever want to drop into a shell inside the container your home would be the place that pump.io is located at. Just for convenience, though it does clash a bit with LFS.
There was a problem hiding this comment.
wait, scratch that comment, thought you were referring to L21.
There was a problem hiding this comment.
No, I was. Though I think I got it confused - /usr/local/pumpio is supposed to be the place where the source is, right? Not where datadir is? In that case it should be left as root:root. No reason to make it owned by the pump user and it increases attack surface.
docker/Dockerfile
Outdated
| FROM alpine:3.5 | ||
| LABEL maintainer Jan Koppe <post@jankoppe.de> | ||
|
|
||
| ARG PUMPIO__GUID=1337 |
There was a problem hiding this comment.
Not sure that it makes a difference practically but these should probably be system users (<1000), though I do appreciate the choice of 1337 :)
There was a problem hiding this comment.
Yes, it could be a system user. I don't really see if/how this would make any practical difference, but I don't have any strong opinion about this. Do you have a proposal for a new UID/GUID?
I intentionally made this a build arg, because sometimes it's more comfortable to change the UID/GUID for running in production (file permissions, etc)
There was a problem hiding this comment.
@JanKoppe I wasn't suggesting it not be a build argument, just that the default should be a system user. I don't know if this makes any practical difference either, but it seems like we might as well play it safe :)
Maybe make it 42? Not sure if that's too low (i.e. already occupied); I don't think so though.
docker/Dockerfile
Outdated
| ARG PUMPIO__GUID=1337 | ||
| ARG PUMPIO__UID=1337 | ||
|
|
||
| ENV PUMP_LOCATION="/usr/local/pumpio" |
There was a problem hiding this comment.
Probably /usr/local/lib/pumpio is more standard?
There was a problem hiding this comment.
Thinking about this a bit more, it should probably be placed in /usr/lib/node_modules. Not entirely sure about this though.
There was a problem hiding this comment.
I don't think so. Not if it's not installed directly via npm install -g.
docker/Dockerfile
Outdated
| ARG PUMPIO__UID=1337 | ||
|
|
||
| ENV PUMP_LOCATION="/usr/local/pumpio" | ||
| ENV PUMP_GIT_TAG="v4.0.0-beta.5" |
There was a problem hiding this comment.
Lop off the beta tag here since 4.0 final shipped since this was sent :)
There was a problem hiding this comment.
Trololololol, I like how @aurbot-user 👍'd this ;)
|
Hi, thanks a lot for your review strugee! I addressed most of your points in the last commits. One thing to note is that in order to build from the local repository, the Dockerfile et. al. have to live in the root of the repository ( The last open discussion point as far as I can see is the UID and GUID of the I would like to leave the UID and GUID configurable via a build argument, this is especially useful when running this in production with a host filesystem location mounted as a volume. This would allow you to easily change the file ownerships to a UID/GUID that suits your environment. Using IDs < 1000 would be a "cleaner" way, yes. I don't see how the current ID hurts though, so we could just leave it at that. It's a bikeshedding point IMO, but if you have any suggestions for a ID < 1000 I will happily change it! :) Please excuse the huge amount of stupid spelling mistakes and typos in the original PR, it was quite late when I wrote that (UTC+2) . :) |
|
@JanKoppe thanks for updating this! Some points (some of which I made inline too, but ¯_(ツ)_/¯):
Right. I personally wouldn't mind that. I dunno, maybe this isn't the norm in the Docker space (feel free to tell me if that's the case), but I personally feel like if we ship a Dockerfile in-repo I would expect it to build from what's on the local disk, in the same way that if a project ships e.g. a
Definitely wasn't suggesting it shouldn't be a build argument, just that the default should be different.
I don't really feel all that strongly about it, but I figured we might as well play it safe :) Perhaps 42 could serve as an equally amusing UID? :D |
|
Also wanted to explicitly point out #1348 (comment) and #1348 (comment) since they're hidden in outdated diffs |
|
Hey! took a while to get back on that. I've incorporated your suggestions and prepared the datadir for uploads, etc, which wasn't the case before. Sadly |
There was a problem hiding this comment.
Found a couple small things inline but otherwise this LGTM!
Last thing: if you could rebase on top of master, as well as adjusting your commit messages to match git style, that'd be awesome. Alternately if you're okay with me force-pushing to your branch, I can do this for you.
Thanks so much for doing this, and for your patience!
DOCKER.md
Outdated
| @@ -0,0 +1,44 @@ | |||
| # Dockerfile for pump.io | |||
|
|
|||
| This Dockerfile is based on Alpine Linux 3.5 and node 6.9. It build pump.io from the Git repository. | |||
DOCKER.md
Outdated
|
|
||
| ## Running | ||
|
|
||
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for the MongoDB. The recommended way to configure pump.io is to configure the options via environment variables, as described in the project's README. You can see some example variables in the `docker-compose.yml` file. This file will also show a basic working version which you can expand on. |
There was a problem hiding this comment.
"MongoDB" instead of "the MongoDB"
Dockerfile
Outdated
|
|
||
| RUN apk add --no-cache graphicsmagick openssl nodejs python make g++ git \ | ||
| && cd "${PUMP_LOCATION}" \ | ||
| && sed -i 's/"bcrypt": "0.8.x"/"bcrypt": "^1.0.2"/g' package.json \ |
|
@JanKoppe ping? |
|
Dang, this has completely slipped my mind. Will take a look at it tomorrow as it's getting quite late here! |
|
Hope this is how you want it. If you have any other change request, just force push to my branch, that's fine by me. :) |
DOCKER.md
Outdated
|
|
||
| ## Building | ||
|
|
||
| The image should build without any further options. The compile-error from node-gyp during the `npm install` can be ignored, as they only affect optional dependencies. |
|
|
||
| ## Running | ||
|
|
||
| By default this Dockerfile only includes the `databank-mongodb` driver. Therefore you will have to add the configuration parameters for MongoDB. The recommended way to configure pump.io is to configure the options via environment variables, as described in the project's README. You can see some example variables in the `docker-compose.yml` file. This file will also show a basic working version which you can expand on. |
There was a problem hiding this comment.
It'd be nice if we supported passing in another driver, but I'll file a followup for this
This commit adds a basic WIP Dockerfile for pump.
Adds a missing 'npm run build' directive, without which the container was not usable.
Adds missing graphicsmagick and databank-mongo packages. Also adds a very basic docker-compose configuration.
Fixed typos and formatting, more consistent use of env variables.
With this commit the container uses the sources in the current working directory instead of cloning the sources from a remote repository each time. This speeds up builds and ensures that the Dockerfile always uses the currently checked out code.
This patch changes the UID and GUID for the pumpio system user into the system range (< 1000). The installation location for the pump.io source is moved to a local dir instead of the npm installation directory. The datadir directory is prepared and permissions are set so that uploads will work out of the box. For persistence users should use a volume for this location.
|
@JanKoppe thank you so much for working on this! I'll merge when Travis is green :) |
This is a work in progress.
Adds a Dockerfile based on Alpine Linux 3.4.